Security with NSX Data Center

Protect your Network with Context-Aware Micro-Segmentation

VMware NSX Data Center delivers consistent, automatable network security to workloads no matter where they live -- from the data center, to the cloud, to the edge. With NSX Data Center, network security policies can be defined based on application contexts and enforced on every individual workload, without the need to touch the physical network.

Learn about NSX security and micro-segmentation.

BENEFITS

Security by Default

NSX Data Center enables automated security provisioning so that as new compute resources are created they are secured by default, from the moment they are spun up to the moment they are deprecated.

Application-Centric Security

Network security policies shouldn’t be limited to IP address and MAC. NSX Data Center allows security policies to be defined based on application, user, and workload contexts. Network security teams have more flexibility to design policies that are resilient in the face of ever-changing applications.

Granular Visibility and Control

NSX Data Center provides insight into network traffic flow between and within applications. It automatically suggests security groups and policies for achieving micro-segmentation. Implementing these policies is only a few mouse clicks away.

SECURITY USE CASES FOR NSX DATA CENTER

Micro-Segment Critical Applications

NSX Data Center makes network micro-segmentation feasible for the first time. Security policies are enforced at the individual workload level, which enables the segmentation of workloads that live on the same physical host without having to hairpin traffic out through an external physical or virtual firewall.

Dynamically Insert Third-Party Security Services

NSX Data Center allows for the insertion of advanced third-party security services into a given micro-segment. Rather than routing all network traffic through a physical device or virtual appliance, such as an NGFW or IDS/IPS, NSX Data Center can dynamically steer specific traffic at the virtual network layer.

Agentless Anti-Virus with Guest Introspection

Installing and managing AV agents on workloads in the data center is tedious and error-prone. NSX Data Center leverages guest introspection to offload AV agents from the workload to the hypervisor, improving workload efficiency and simplifying AV management without sacrificing protection.